Petitforum : Security Vulnerabilities, CVEs, CVSS score >= 1
message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.
Max CVSS
6.8
EPSS Score
0.58%
Published
2003-12-31
Updated
2017-07-29
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.
Max CVSS
5.0
EPSS Score
0.31%
Published
2003-12-31
Updated
2017-07-29
2 vulnerabilities found